Tag: malicious packages
18 articles

Malicious Vite npm Packages Exploit Blockchain C2 for RAT Delivery
Security researchers have uncovered a sneaky campaign, dubbed ViteVenom, involving seven malicious npm packages that target Vite developers, executing malicious code as soon as they're imported. These packages, published in a matter of days, may have modest download counts, but their stealthy nature raises major red flags for the supply-chain community.

Malicious PyPI Packages Expose Telegram Bot Servers to Hacker Control
Hackers have launched a sneaky attack, hiding malicious code in fake Python packages on PyPI, which can take control of Telegram bot servers and give attackers access to sensitive info like chats, contacts, and environment variables. This backdoor can be activated with a simple command, allowing attackers to execute any Python code on the victim's machine.

Mastra Packages Compromised in Software Supply Chain Attack
A massive software supply chain attack just hit Mastra, with over 140 malicious packages published in a single day by a compromised npm account. The swift and coordinated assault, dubbed easy-day-js, unfolded over just two days, catching defenders scrambling to respond.

Malicious npm Packages Target Cloud Credentials
Malicious actors are targeting cloud credentials by publishing fake npm packages that mimic popular projects, allowing them to infiltrate developer environments and gain access to sensitive AWS and Elastic credentials. In just four hours, a single attacker published 14 malicious packages using cleverly disguised names.

Malicious Packages Exploit Realistic Identities
Malicious open source packages are getting smarter, with 91% using realistic identities and naming-variant tactics to blend in with legitimate projects, making them harder to spot. This shift away from simple typosquatting tricks means developers need to be extra vigilant when adding dependencies to their workflows.

Mini Shai-Hulud Campaign Targets npm Ecosystem with Malicious AntV Packages
A large-scale attack has infected hundreds of popular npm packages, including widely-used data visualization and React components, with malicious updates, putting a vast number of projects and applications at risk. The attackers published 639 malicious versions across 323 unique packages in a fast-moving supply chain operation.

Malicious PyPI Packages Spread Devastating Malware
Malicious actors have struck again, this time infiltrating the Python Package Index (PyPI) with tainted versions of popular packages Telnyx and LiteLLM, putting developers' sensitive credentials at risk. Can we trust the software supply chain when even seemingly secure systems can be breached?

malicious npm packages: Stunning Critical Threat Revealed
Researchers uncovered Beamglea — 175 malicious npm packages downloaded about 26,000 times — that quietly hosted credential‑harvesting phishing campaigns against 135+ organizations, a stark reminder that the convenience of open-source packages can become a gateway for large‑scale theft.

Alarming 188% Annual Increase in Malicious Open Source Packages
Discover the shocking 188% annual rise in malicious open source packages and its implications for developers and software security.

Malicious RubyGems pose as Fastlane to steal Telegram API data
Malicious RubyGems masquerading as Fastlane target Telegram API data—stay alert to protect your systems from these deceptive packages.

Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto
Over 70 malicious npm and VS Code packages discovered stealing sensitive data and crypto. Secure your projects and protect your assets.

Reconnaissance Campaign Active on NPM Repository
A reconnaissance campaign on the NPM repository exposes vulnerabilities and drives urgent calls for stronger security protocols.

Dozens of malicious packages on NPM collect host and network data
Dozens of malicious NPM packages are covertly collecting host and network data, exposing developers to critical security risks and data breaches.

Malicious PyPI Packages Use Social Media APIs to Validate User Accounts
Malicious PyPI packages exploit social media APIs to validate user accounts, heightening risk and enabling targeted deception.

Malicious PyPI packages abuse Gmail, websockets to hijack systems
Malicious PyPI packages exploit Gmail and websockets to hijack systems, raising cybersecurity concerns and necessitating enhanced threat detection mechanisms.

The Hidden Dangers of AI-Driven Slopsquatting in Supply Chains
Explore the hidden dangers of AI-driven slopsquatting in supply chains, revealing risks to efficiency, security, and ethical practices.

Malicious npm Packages Imitate Telegram Bot API to Install SSH Backdoors on Linux
Malicious npm packages mimic the Telegram Bot API to install SSH backdoors on Linux, posing serious security risks for developers and systems.

New Malicious PyPI Package Exploits MEXC Trading API to Hijack Credentials and Orders
New malicious PyPI package targets MEXC Trading API, hijacking user credentials and orders, posing serious security risks for traders.